Many of today's computing systems include computing resources that are not fully utilized. The owners of these systems often could benefit by increasing the utilization of these systems' computing resources.
A number of approaches could be adopted to increase utilization. Under a “consolidation” approach, the processes and data of multiple parties might be co-located on a single hardware unit in order to more fully utilize the resources of the hardware unit. Under the consolidation approach, multiple parties might share a single hardware unit's resources, including file systems, network connections, and memory structures. For example, multiple businesses might have separate websites that are hosted by the same server.
However, some of the parties might not know or trust each other. In some cases, some of the parties might actually be competitors. Under such circumstances, each party would want to ensure that its processes and data are shielded, or isolated, from access by other parties and those other parties' processes.
Mechanisms that would isolate one party's processes and data from other parties sharing the same hardware unit have been proposed. For example, a “jail” mechanism provides the ability to partition an operating system environment into a “non-jailed” environment and one or more “jailed” environments. The jail mechanism allows users, processes, and data to be associated with a jailed environment. For example, one group of users, processes, and data may be associated with one jailed environment, and another group of users, processes, and data may be associated with another jailed environment. The jail mechanism restricts users and processes that are associated with a particular jailed environment from accessing processes and data that are associated with environments (both jailed and non-jailed) other than the particular jailed environment.
Under the jail approach, each jail has its own associated file system, which cannot be accessed by processes running within any other jail. The file system associated with a jail contains all of the files that are used by processes running within that jail, including some files that are particular to that jail, and many general files (e.g. operating system files, shared library files, etc.), that are used by many or all jails. Because each jail maintains its own file system, and because each file system contains all of the files used by that jail, if there are multiple jails, there will be multiple jail file systems, which means that there will be multiple copies of the general files. If the number of general files is large (as is usually the case), this can lead to the redundant storage of a large number of general files, which in turn leads to waste of storage and other system resources.